@RequestMapping(method = PUT)
public void initScenario() {
log.info("Initializing scenario..");
// clean-up users, roles and permissions
userRepo.deleteAll();
roleRepo.deleteAll();
permissionRepo.deleteAll();
// define permissions
final Permission p1 = new Permission();
p1.setName("VIEW_ALL_USERS");
permissionRepo.save(p1);
final Permission p2 = new Permission();
p2.setName("DO_SOMETHING");
permissionRepo.save(p2);
// define roles
final Role roleAdmin = new Role();
roleAdmin.setName("ADMIN");
roleAdmin.getPermissions().add(p1);
roleRepo.save(roleAdmin);
// define user
final User user = new User();
user.setActive(true);
user.setCreated(System.currentTimeMillis());
user.setEmail("*****@*****.**");
user.setName("Paulo Pires");
user.setPassword(passwordService.encryptPassword("123qwe"));
user.getRoles().add(roleAdmin);
userRepo.save(user);
log.info("Scenario initiated.");
}
@RequestMapping(value = "do_something", method = GET)
@RequiresAuthentication
@RequiresRoles("DO_SOMETHING")
public List<User> dontHavePermission() {
return userRepo.findAll();
}
@RequestMapping(method = GET)
@RequiresAuthentication
@RequiresRoles("ADMIN")
public List<User> getAll() {
return userRepo.findAll();
}
